[wp-hackers] Re: [OT] Resources for Defending Against Blog Attacks

Alex Günsche ag.ml2007 at zirona.com
Sat Aug 11 20:16:30 GMT 2007


On Fri, 2007-08-10 at 10:49 -0400, Christian Höltje wrote:
> The setting for the apache.conf file for open_basedir is:
> php_value open_basedir             '/path/to/your/webbase/'
> Don't forget the trailing '/' as the string is just a prefix check.

Good point, I forgot to mention that. I should say, however, that since
PHP 5.2.2 I have had problems with open_basedir when operating at
DocumentRoot level with the trailing slash. For example,
is_writable('/var/www/www.example.com/htdocs/') with the configuration
below would produce an error -- even if it is writable.
Therefore I had to remove the trailing slash from the open_basedir value
for some of my hosts.

> How do you set the local tmp directory?

I have one config file per vHost. A simple VirtualHost section in this
file could look like this:

<VirtualHost 123.123.123.123:80>
DocumentRoot /var/www/www.example.com/htdocs/
ServerName www.example.com
ServerAdmin webmaster@example.com
Setenv VLOG /var/www/www.example.com/htdocs/log/
ErrorLog /var/www/www.example.com/htdocs/log/error.log
php_admin_value open_basedir "/var/www/www.example.com/htdocs/"
php_admin_value file_uploads 1
php_admin_value upload_tmp_dir "/var/www/www.example.com/htdocs/phptmp/"
php_admin_value session.save_path "/var/www/www.example.com/htdocs/phptmp/"
RewriteEngine On
RewriteOptions inherit
</VirtualHost>


Best regards,
Alex

-- 
Alex Günsche, Zirona OpenSource-Consulting
Blogs: http://www.zirona.com/ | http://www.regularimpressions.net
PubKey for this address: http://www.zirona.com/misc/ag.ml2007.asc
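
An added example, not part of the original message: a small audit over per-vHost config text that flags open_basedir values without the trailing slash and PHP temp/session directories that fall outside open_basedir. It models open_basedir as the plain string-prefix check described in the thread; the second vHost (blog.example.com), the "-old" sibling path in the demo and the function names are constructed for illustration.

```python
import re

# Constructed sample: the first vHost follows the message, the second is made up.
SAMPLE_CONF = '''
<VirtualHost 123.123.123.123:80>
ServerName www.example.com
php_admin_value open_basedir "/var/www/www.example.com/htdocs/"
php_admin_value upload_tmp_dir "/var/www/www.example.com/htdocs/phptmp/"
php_admin_value session.save_path "/var/www/www.example.com/htdocs/phptmp/"
</VirtualHost>
<VirtualHost 123.123.123.123:80>
ServerName blog.example.com
php_admin_value open_basedir "/var/www/blog.example.com/htdocs"
php_admin_value upload_tmp_dir "/var/www/blog.example.com/phptmp/"
</VirtualHost>
'''

DIRECTIVE = re.compile(r'^\s*php_(?:admin_)?value\s+(\S+)\s+["\']?([^"\']+)["\']?\s*$', re.I)

def prefix_allows(open_basedir, path):
    """Plain string-prefix model of open_basedir (':' separates entries on Unix)."""
    return any(path.startswith(p) for p in open_basedir.split(':') if p)

def audit(conf):
    """Return (host, finding, detail) tuples for each VirtualHost block."""
    findings, host, vals = [], None, {}
    for line in conf.splitlines():
        if re.match(r'\s*<VirtualHost\b', line, re.I):
            host, vals = '?', {}
        elif host and re.match(r'\s*ServerName\s+\S', line, re.I):
            host = line.split()[1]
        elif host and (m := DIRECTIVE.match(line)):
            vals[m.group(1).lower()] = m.group(2)
        elif host and re.match(r'\s*</VirtualHost>', line, re.I):
            base = vals.get('open_basedir', '')
            for p in base.split(':'):
                if p and not p.endswith('/'):   # prefix would also match siblings
                    findings.append((host, 'no-trailing-slash', p))
            for key in ('upload_tmp_dir', 'session.save_path'):
                if base and key in vals and not prefix_allows(base, vals[key]):
                    findings.append((host, 'outside-open_basedir', key))
            host = None
    return findings

if __name__ == '__main__':
    for f in audit(SAMPLE_CONF):
        print(*f)
    # Why the slash matters under a prefix check: a sibling directory matches.
    print(prefix_allows('/var/www/www.example.com/htdocs', '/var/www/www.example.com/htdocs-old/x.php'))
```
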


